Communities and Collections

Posts

Post has attachment

"I want to be absolutely clear that I like Signal. When people ask me how they can secure their communication, I often recommend it. But, I view Signal as complementary to OpenPGP. First, e-mail is unlikely to go away any time soon. Second, Signal doesn't allow transferring arbitrary data including documents. And, importantly, Signal has its own problems. In particular, the main Signal network is centralised, not federated like e-mail, the developers actively discourage third-party clients, and you can't choose your own identity. These decisions are a rejection of a free and open Internet, and pseudononymous communication."

Post has attachment

Interesting visualization of attacks against CBC mode

Post has attachment

"We have completed a cryptanalysis computation which is at the same time a formidable achievement in terms of size (a 1024-bit discrete logarithm computation), and a small-scale undertaking in terms of computational resources (two months of calendar time on 2000 to 3000 cores). In comparison, the "real" record for discrete logarithm is 768 bits (announced this spring) and required 10 times as much computational power.

To achieve this, we cheated. Deliberately. We chose the prime number which defines the problem to be solved in a special way, so that the computation can be made much more efficient. However, we did this in a subtle way, so that the trapdoor we inserted cannot be detected.

Unfortunately, for most of the prime numbers used in cryptography today, we have no guarantee that they have not been generated with such a trapdoor. Breaking a non-trapdoored 1024-bit prime would be about 16 million times harder than breaking our trapdoored prime was for us once we knew the trapdoor."

To achieve this, we cheated. Deliberately. We chose the prime number which defines the problem to be solved in a special way, so that the computation can be made much more efficient. However, we did this in a subtle way, so that the trapdoor we inserted cannot be detected.

Unfortunately, for most of the prime numbers used in cryptography today, we have no guarantee that they have not been generated with such a trapdoor. Breaking a non-trapdoored 1024-bit prime would be about 16 million times harder than breaking our trapdoored prime was for us once we knew the trapdoor."

Post has attachment

Post has attachment

This is not mathematical but it's pretty interesting: it's a side channel attack that allows a complete key recover for a master combo lock.

The video is a bit long but worth watching.

https://www.youtube.com/watch?v=qkolWO6pAL8

The video is a bit long but worth watching.

https://www.youtube.com/watch?v=qkolWO6pAL8

Post has attachment

"Viber’s recently published encryption overview indicates that they use a Double Ratchet algorithm, initially developed by Trevor Perrin and Moxie Marlinspike from Open Whisper Systems but also deployed by Cryptocat and WhatsApp.

Viber claims that forward and backward secrecy are both a goal in this new protocol. If their specification is to be taken literally, I have doubts on whether this security goal is truly fully accomplished. This is because the authenticated key exchange step as defined by Viber differs significantly from how it is currently implemented in mainstream Signal protocol applications"

Viber claims that forward and backward secrecy are both a goal in this new protocol. If their specification is to be taken literally, I have doubts on whether this security goal is truly fully accomplished. This is because the authenticated key exchange step as defined by Viber differs significantly from how it is currently implemented in mainstream Signal protocol applications"

Post has attachment

Post has attachment

Post has attachment

￼

John Oliver Explains the Importance of Encryption and the Current Legal Battle Between the FBI and Apple

John Oliver Explains the Importance of Encryption and the Current Legal Battle Between the FBI and Apple

Wait while more posts are being loaded